Attacker Value
Moderate
(1 user assessed)
Exploitability
Moderate
(1 user assessed)
User Interaction
Required
Privileges Required
None
Attack Vector
Network
1

CVE-2021-37976

Disclosure Date: October 08, 2021
CVE-2021-37976 CVSS v3 Base Score: 6.5
Exploited in the Wild
Reported by mkienow-r7 and 2 more...
View Source Details
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

Add Assessment

1
Ratings
  • Attacker Value
    Medium
  • Exploitability
    Medium
Common in enterpriseUnauthenticatedVulnerable in default configurationNo useful access
Technical Analysis

More info will be available at https://bugs.chromium.org/p/chromium/issues/detail?id=1251787 when this bug gets declassified however for now https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_30.html indicates that this is a Medium severity bug caused by an information leak within Core itself. It was discovered by Clément Lecigne from Google TAG, with technical assistance from Sergei Glazunov and Mark Brand from Google Project Zero and was first discovered on 2021-09-21.

The fact that Google TAG discovered this combined with the fact this was exploited in the wild means that its likely Google found this exploit via in the wild exploitation and TAG noticed these exploitation attempts, verified it was a 0day vulnerability, and then notified Google so that they could issue a fix. What is interesting though is that there is no mention of a related 0day exploit that was combined with this vulnerability, which I imagine would be needed in order to make a full exploit.

Most likely this vulnerability would be used to leak information needed for form a full exploit, and would likely be useful for bypassing certain security mitigations that may otherwise prevent the exploit from working normally.

On its own this vulnerability is therefore of Medium to Medium-Low severity, however given its use in exploits in the wild I’d recommend still patching this to make sure that you are protecting your organization against threats that have been proven to have been successfully exploited in real world scenarios. Just be aware that this might sit lower on your priority list than vulnerabilities that can get RCE on their own.

Log in to Add Reply
CVSS V3 Severity and Metrics
Base Score:
6.5 Medium
Impact Score:
3.6
Exploitability Score:
2.8
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
Required
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
None
Availability (A):
None

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Chrome 94.0.4606.71
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • debian,
  • fedoraproject,
  • google

Products

  • chrome,
  • debian linux 10.0,
  • debian linux 11.0,
  • fedora 33,
  • fedora 34,
  • fedora 35

Exploited in the Wild

Reported by:
Technical Analysis